Edward Snowden

Cyber War

July 9th, 2015

Cyber war is soon becoming a reality. Recent attack on Sony is just the beginning. Security expert Bruce Schneier mentioned the possible destruction caused by cyber war in his address at the recent InfoSec Europe security conference in London.

“We are in the early years of a cyber war arms race,” he said. “We have seen China attack Github, we have seen countries attacking companies, and I think we are going to see much more of that in the future.”

He also mentioned that countries like North Korea have a natural advantage in this type of cyber warfare because of the basic level of technical infrastructure that they possess.

“North Korea has natural cyber-defenses in that it only has about 1,000 IP addresses, and it has only very few computers so its ‘terrain’ is very defensible. By contrast the U.S. is extremely vulnerable because it has lots of computers and Internet infrastructure.”

Also, some cyber warfare attacks may be carried out by groups (such as terrorist organizations) rather than countries.

“We are living in a world now where we can be attacked and not know if the attacker is a foreign government or just a couple of guys, and that is freaky,” Schneier said. “Technology is spreading capabilities, and the same weapons and tactics are available to everyone.”

In the real world scenario it is difficult to understand who is behind the attacks. Schneier mentioned one incident where Israeli war planes attacked and destroyed a nuclear facility in the Middle East 10 years ago.

“Four years later the Israelis and the U.S. attacked an Iranian uranium enrichment facility plant (at Natanz) using a cyber-weapon (Stuxnet). But the Iranians didn’t know that they had been attacked, let alone who did it,” he said. “Attribution can take weeks or months.”

Types of Cyber Attacks

  • Low focus, low skill attacks – Carried out by newbie
  • Low focus, high skill attacks – Involves identity theft and credit card breaches
  • Low skill, high focus attacks – It generally includes bypassing security measures
  • High focus, high skilled attacks- Most advanced

“To defend against low focus attacks you just need to be more secure than the guy next to you,” said Schneier. “With highly focused attacks this relative security is irrelevant; your security has to beat the attacker’s skill. With a high focus, high skill attack, a sufficiently skilled attacker will always get in. We are all vulnerable.”

Without the ability to attribute attacks, Schneier pointed out that it is also impossible to distinguish between computer network exploitation, a classic data breach where an attacker exploits vulnerabilities to steal things, and computer network attacks, where the attacker’s motivation is to cause damage. It’s the difference between copy *.* and delete *.*, in other words, he said.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken the necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.


Email Phishing scam leads to data breach

April 20th, 2015

St. Vincent Medical Group, Inc. suffered data breach when approximately 760 patients’ PHI got exposed. Employee’s username and password was compromised because of an email phishing scam which resulted in to the incident. St. Vincent learned about the data breach on Dec. 3, 2014, and said that it “immediately shut down the username and password of the impacted account and launched an investigation into the matter.”

The affected information includes patient names, demographic information such as dates of birth and phone numbers, account numbers, and Social Security numbers in a few cases. Limited clinical information related to services patients received was also included.

“The investigation has required electronic and manual review of affected emails to determine the scope of the incident,” As per the statement.

As per the St.Vincent individual medical records and billing records were not accessed.

“St.Vincent Medical Group sincerely apologizes for any inconvenience this unfortunate incident may cause and assures all of its patients that the faith-based organization is taking appropriate measures to avoid an incident of this nature happening in the future,” the facility said.

St. Vincent mentioned that complimentary identity monitoring and protection services will be offered to patients whose Social Security number was exposed. It will also be providing further employee education on how to avoid phishing scams.

This is not the first time St.Vincent suffered data breach. Earlier, St. Vincent Breast Center mistakenly sent letters with patient information to the wrong addresses.

As per the previous statement:

“Please be assured that the Center is taking steps to mitigate this incident by notifying affected individuals through this substitute notice, media notice, and destroying all letters that have been returned,” St. Vincent said on its website. “The Center is also evaluating and making changes to its patient mailing processes internally and with external vendors to avoid an incident of this nature in the future.”

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.